Outputs
- A physical, designed network, plus software as set out in the KSBs listed in tables.
- A written justification for the approach taken (a 1,000 word +/- 100 words written document).
KSBs
Type | Index | Name | Pass Description |
---|---|---|---|
TC | 2 | Design, build, configure, optimise, test and troubleshoot simple and complex networks. | Design, build and test a simple network that includes hubs, switches, routers and user devices to a given design requirement without supervision. Provide evidence that the system meets the design requirement. Design, build & test a distributed network (more than 1 sub-net) with static and dynamic routes. Troubleshoot typical problems in network designs and implementations. |
TC | 4 | Build, test and debug a digital system to a specification. | Build, test and debug a digital system employing a number of different components that works to achieve a defined specification. |
TC | 5 | Configure an Operating System in accordance with security policy. Identify threats and features. | Identify potential threats to OSs and the security features designed to guard against them and residual vulnerabilities of these security features. Configure OSs according to security policies and integrate into system development. |
TC | 8 | Construct software to interact with the real world and analyse for security exploits. | Construct a simple system to demonstrate software interacting with the physical world and analyse how the software-physical interactions may be exploited. |
TC | 18 | Configure and use security technology components and key management. | Select and configure at least 2 types of common security hardware and software components to implement a given security policy. Design a system employing a crypto to meet defined security objectives. Develop and implement a key management plan for the given scenario/system. |
TC | 19 | Design & evaluate a system to a security case. | Design and build a simple system in accordance with a simple security case. Provide evidence that the system has properly implemented the security controls required by the security case. The system could be either at the enterprise, network or application layer. |
TC | 20 | Architect, analyse & justify a secure system. | Apply interpretation of security policy and risk profiles to design secure architectural solutions that meet security objectives, mitigate the risks and conform to legislation in a representative business scenario. Critically analyse secure architectural solutions and security controls against defined security objectives to assess how effectively risks are mitigated, legal requirements and business requirements are met. Identify and describe the means by which the risk owner can have confidence that the solution mitigates the risks to an acceptable level. |
TC | 26 | Develop & apply information security policy to implement legal or regulatory requirements. | Develop an information security policy or process to address an identified risk. Develop an information security policy within a defined scope to take account of a minimum of one law or regulation relevant to cyber security. |
TKU | 2 | Network foundations, connections, internet working, protocols, standards, performance, security and server virtualisation. | Describe the fundamental building blocks (e.g. routers, switches, hubs, storage, transmission) and typical architectures (e.g. server/client, hub/spoke) of computer networks and the Internet. Explain what is meant by data and protocol and how they relate to each other. Describe an example data format and a simple protocol in current use (using protocol diagrams). Describe example failure modes in protocols, for example reasons why a protocol may ‘hang’ and the effect on a protocol of data communication errors. Describe at least one approach to error control in a network. Describe the main features of network protocols in widespread use on the Internet and their purpose and relationship to each other, including the physical and data link layer. (e.g. https, HTTP, SMTP, SNMP, TCP, IP, BGP, DNS etc). Explain some of the main factors that affect network performance (e.g. the relationship between bandwidth, number of users, nature of traffic, contention) and propose ways to improve performance (e.g. application of traffic shaping, changes to architecture to avoid bottlenecks, network policies that prohibit streaming protocols). Understand the impact of the employment of virtualisation techniques to networks and its role in ‘Cloud’. Understand network-based attacks: eavesdropping / sniffing, man-in-the-middle, spoofing, session hijacking, denial of service, traffic redirection, routing attacks, traffic analysis, malware. Understand network monitoring and mapping. Discuss issues that may arise in the day to day operation of networks. Describe the main routing protocols in current use in computer networks and explain the differences between static and dynamic routing protocols and the pros and cons of each in different circumstances. |
TKU | 4 | Computer architecture, digital logic, machine level representation of data. | Understand: classical computer architectures; virtualised architectures; digital logic, static and dynamic digital systems; machine level representation of data; assembly level machine organisation; memory system organisation and architecture; interfacing and communication. |
TKU | 5 | Operating system principles, architectures, features, mechanisms, security features and exploits. | Understand that an OS defines an abstraction of hardware and manages resource sharing among a computer’s users: OS principles; concurrency and synchronisation; scheduling and dispatch; memory management; security and protection; kernel security and protection; file systems; I/O system. Understand typical OS security features and how these may themselves be exploited. |
TKU | 8 | How software interacts with hardware and real-world environment and security issues. | Understand how software can interact with the hardware/physical environment: how software running on a microprocessor may interact with signals from sensors or effect actuators; identify how a threat actor may exploit the external environment or software/hardware interface and mitigations that may be employed. Understand the specific security challenges posed by ‘embedded systems’ (i.e. with size, power, processor, memory, scale, bandwidth limitations) for example ‘Internet of Things’ (IoT) devices. |
TKU | 18 | Security components: how they are used for security / business benefit. Crypto & key management. | Describe common types of security hardware and software which are used to protect systems (e.g. firewalls, encryption for data at rest, encryption for communication, intrusion detection systems (IDS), intrusion protection systems (IPS), identity and access management (IDAM) tools, anti-virus (AV), web proxy, application firewalls, cross domain components, hardware security module (HSM), TPM, UTM) and explain how each may be used to deliver risk mitigation or implement a security case, understanding the benefits/limitations, and taking into account the implicit assurance (including supplier assurance and considering the benefits and risks of open source options) of the component, describing any residual risks. Describe the main cryptographic techniques (e.g. symmetric, public key, secure hash, digital signing, block cipher etc.), how they are applied and to what end and their limitations (including study of some examples of badly applied or implemented cryptographic techniques). Explain the significance of key management and the main features, benefits and limitations of symmetric and public key cryptosystems and the significance of entropy. Describe the role of cryptographic techniques in a range of different systems (e.g. GSM, Chip&PIN, common hard disk encryption, TLS, SSL, privacy enforcing technology) and the practical issues introducing such into service and updating them. |
TKU | 19 | How to compose a justified security case. | Compose a security case, deriving objectives with reasoned justification in a representative business scenario. |
TKU | 20 | Understand security assurance, how to achieve it and how to apply security principles. | Understand how to interpret security policy and risk profiles into secure architectural solutions that meet security objectives, mitigate the risks and conform to legislation in a representative business scenario. Describe the fundamental security technology building blocks and typical architectures and architecture frameworks. Understand design principles for architecting a secure system (separation of concerns, failsafe/fail-secure, defence in depth, least privilege, how to apply proven security architectural patterns from reputable sources, how to incorporate appropriate security controls). Understand security assurance (‘trustworthy’ versus ‘trusted’) and how an architecture may be assured. |
TKU | 26 | Legal responsibilities of system owners, users, employers, employees. | Describe the legal responsibilities of system users and how these are communicated effectively. Understand laws and regulations applicable to cyber security, personal and sensitive data, employee protection and monitoring, relevant to England and one other non-UK jurisdiction. This understanding should encompass what is prohibited (i.e. an offence), protections, legal risks and obligations. |
UPIBKS | | Fluent in written communications and able to articulate complex issues. | Produce well-structured and concise written work that sets out complex technical matters in ways that would be accessible to non-technical recipients as well as technical staff (as appropriate). |
UPIBKS | | Analytical and critical thinking skills for Technology Solutions development and can systematically analyse and apply structured problem-solving techniques to complex systems and situations. | Evaluate information and then make a rational decision on the approach to take to solve the problem, based on their findings; spot trends in data and articulate the implications. |
UPIBKS | | Can conduct effective research, using literature and other media. | Put into practice sound research techniques (using literature and other media) and articulate in writing and/or verbally how they have utilised the findings in their work. |
UPIBKS | | Logical thinking and creative approach to problem solving. | Observe and analyse phenomena, reactions and feedback, and draw logical conclusions based on that input. |
UPIBKS | | Able to demonstrate a ‘security mind-set’ (how to break as well as make). | Think about how things can be made to fail, as well as about how things can be made to work. |
Bh | | Demonstrates business disciplines, ethics and courtesies, demonstrating timeliness and focus when faced with distractions and the ability to complete tasks to a deadline with high quality. | Act in a professional way as required in the cyber security context. |
Bh | | Flexible attitude and ability to perform under pressure. | Deliver the best project outcomes against goals, re-prioritising as necessary, even in challenging circumstances. |